Important: This is a provisional draft, not a statement that every listed legal detail has been confirmed. Before publication as a final policy, replace every highlighted placeholder and verify the data practices of each released game.
1. Controller and contact details
ArcticExile is operated by [INSERT LEGAL OPERATOR OR COMPANY NAME], located at [INSERT BUSINESS ADDRESS AND COUNTRY]. In this policy, “ArcticExile,” “we,” “us,” and “our” refer to that operator and data controller. The complete provider details must also be added to the Legal Notice.
For privacy questions or requests, contact support@arcticexile.com.
2. Scope and legal framework
This policy applies to the ArcticExile website at arcticexile.com. It is also intended as a starting point for future ArcticExile mobile games, but each game’s actual data collection, permissions, third-party services, age rating, and regional requirements must be confirmed before release. This draft is structured for the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the German Telecommunications Digital Services Data Protection Act (TDDDG). The operator must confirm the laws and supervisory authority that apply after its location and activities are finalized.
3. Information collected through this website
Information you choose to send
If you email us, we may receive your name, email address, message, and any other information you choose to include. Please do not send passwords, full payment-card details, or unnecessary sensitive information.
Technical information
The website is hosted on Cloudflare Pages. Cloudflare may process technical request information needed to deliver and protect the website, such as IP addresses, device and browser information, requested URLs, timestamps, and security signals. Cloudflare acts under its own terms and privacy documentation.
Email communication
This website does not collect or transmit contact-form submissions. Selecting an email link opens your email application. Messages are then processed by your email provider and the email providers used by ArcticExile. General inquiries can be sent to contact@arcticexile.com.
4. Mobile game data
TinyMerge has been identified as a Google Play game in closed testing, but its game-specific data practices have not been confirmed in this draft. Before testing expands or the game launches publicly, complete the following:
- [LIST DATA COLLECTED BY EACH GAME, OR CONFIRM THAT NONE IS COLLECTED]
- [LIST ANDROID PERMISSIONS AND WHY THEY ARE NEEDED]
- [LIST ADVERTISING, ANALYTICS, CRASH REPORTING, CLOUD SAVE, ACCOUNT, OR OTHER SDK PROVIDERS]
- [CONFIRM CHILDREN’S PRIVACY AND AGE-AUDIENCE APPROACH]
- [CONFIRM GOOGLE PLAY DATA SAFETY DISCLOSURES]
5. How information is used
Website inquiry information may be used to respond to messages, provide support, investigate bugs or security concerns, maintain business records, prevent abuse, and comply with applicable legal obligations. Add or revise purposes when game data practices are confirmed.
6. Purposes and legal bases
Under Article 6(1) GDPR, processing may be based on:
- Article 6(1)(b), when processing is necessary to respond before a contract or perform a contract;
- Article 6(1)(c), when processing is necessary to comply with a legal obligation;
- Article 6(1)(f), for legitimate interests in answering inquiries, securing the website, preventing abuse, and maintaining reliable operations, where those interests are not overridden by individual rights; or
- Article 6(1)(a), consent, where consent is specifically requested.
The operator must confirm the purpose, legal basis, and any legitimate-interest assessment for each actual processing activity: [CONFIRM THE FINAL PURPOSE-AND-LEGAL-BASIS TABLE].
7. Sharing and service providers
Website information may be processed by service providers that help operate the website and communication channels, including Cloudflare for hosting and security and email providers used by ArcticExile. We do not state that information is sold. Confirm any future advertising or data-sharing activity before a game release: [CONFIRM WHETHER PERSONAL INFORMATION IS SOLD, SHARED FOR TARGETED ADVERTISING, OR OTHERWISE DISCLOSED].
8. International transfers
Cloud service providers may process information in countries other than your own. The legal operator must confirm locations and transfer safeguards where applicable: [CONFIRM INTERNATIONAL TRANSFER MECHANISMS].
9. Retention
Email records should be kept only as long as reasonably needed for the inquiry, support, security, accounting, or legal purposes. Insert an approved schedule: [INSERT RETENTION PERIODS OR CRITERIA].
10. Device storage, cookies, and analytics
This website does not intentionally add analytics, advertising trackers, social-media widgets, or nonessential cookies. Cloudflare may use strictly necessary mechanisms for security and reliable delivery. If analytics or other optional technologies are introduced, this policy and any required consent controls must be updated first. Under § 25 TDDDG, optional storage of or access to information on a visitor’s device generally requires informed consent unless a statutory exception applies. The current static site does not intentionally use optional device storage, so it does not display a consent banner.
11. Your rights
Depending on where you live, you may have rights to request access, correction, deletion, restriction, objection, portability, or withdrawal of consent. You may also lodge a complaint with a data protection supervisory authority. These rights can be limited by law. Send requests to support@arcticexile.com. The operator must identify the competent German authority after its business location is confirmed: [INSERT COMPETENT GERMAN DATA PROTECTION SUPERVISORY AUTHORITY].
12. Children’s privacy
The intended audience and child-directed status of TinyMerge and future games have not been confirmed. Before release, document the age audience, parental-consent approach, and any child-specific protections: [CONFIRM AGE AUDIENCE AND CHILDREN’S DATA PRACTICES].
13. Security
We use reasonable technical and organizational measures appropriate to the website, but no internet transmission or storage method can be guaranteed completely secure. The operator should document internal access, deletion, incident-response, and vendor-review processes.
14. Changes to this policy
When this policy is finalized or updated, the effective date above will be changed. Material changes may be communicated through the website or a game where appropriate.
15. Contact
Privacy contact: support@arcticexile.com
Legal operator: [INSERT LEGAL NAME]
Address:
[INSERT POSTAL ADDRESS]
Representative or data protection contact, if required:
[INSERT DETAILS OR “NOT APPLICABLE”]
Provider information is also listed in the Legal Notice.
